FileNameValidator

Ensures that any filename that an editor chooses for naming (or uses for uploading a file) is valid, meaning that no invalid characters (null-bytes) are added, or that the file does not contain an invalid file extension.

Table of Contents

Constants

DEFAULT_FILE_DENY_PATTERN  = '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'
Previously this was used within SystemEnvironmentBuilder

Properties

$fileDenyPattern  : string

Methods

__construct()  : mixed
customFileDenyPatternConfigured()  : bool
Find out if there is a custom file deny pattern configured.
isValid()  : bool
Verifies the input filename against the 'fileDenyPattern'
missingImportantPatterns()  : bool
Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.

Constants

DEFAULT_FILE_DENY_PATTERN

Previously this was used within SystemEnvironmentBuilder

public mixed DEFAULT_FILE_DENY_PATTERN = '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'

Properties

$fileDenyPattern

protected string $fileDenyPattern

Methods

__construct()

public __construct([string|null $fileDenyPattern = null ]) : mixed
Parameters
$fileDenyPattern : string|null = null

customFileDenyPatternConfigured()

Find out if there is a custom file deny pattern configured.

public customFileDenyPatternConfigured() : bool
Return values
bool

isValid()

Verifies the input filename against the 'fileDenyPattern'

public isValid(string $fileName) : bool

Filenames are not allowed to contain control characters. Therefore we always filter on [[:cntrl:]].

Parameters
$fileName : string

File path to evaluate

Return values
bool

Returns TRUE if the file name is OK.

missingImportantPatterns()

Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.

public missingImportantPatterns() : bool
Return values
bool

        
On this page

Search results